Re: merge tracking: rejecting commits from svn clients < 1.5

Alan Barrett wrote:
> Please don't conflate svn:// with svn+tunnel://. They have very
> different security properties. As a user who strongly prefers
> svn+ssh:// access (partly for ease of setup on the server side, and
> partly because of the good security properties) , I find this idea of
> treating non-apache access as a second class citizen very disconcerting.

Blair's original question was related to *public* svn repositories.
svn+ssh:// access is morally equivalent to file:/// access, and is, as
such, a *local* access protocol (since it requires a local account to be
associated with the ssh key). Additionally, the svnserve protocol was
never intended (AFAIK) to be 100% feature equivalent to mod_dav_svn, but
rather as a lower-overhead protocol.

This is a very different beast from http:// access, which is designed
specifically to be handled over a public transport method, and to
bootstrap on the existing Apache infrastructure. As much as possible,
it would be prudent to maintain as much comparable features as possible
between http:// and svn://, but there are limitations to the underlying
protocols that may make some things easier and others difficult. As the
main thread has progressed, it is even questionable whether the client
version string is available to mod_dav_svn.

John

-- 
John Peacock
Director of Information Research and Technology
Rowman & Littlefield Publishing Group
4501 Forbes Boulevard
Suite H
Lanham, MD  20706
301-459-3366 x.5010
fax 301-429-5748
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org